Voice authentication for call control

ABSTRACT

A communication network is disclosed that uses voice authentication to provide call control. The communication network includes a call control function, a voice collection system, a voice authentication system, and a permission system. The voice collection system collects voice samples of a first party during the call to a second party, and transmits the collected voice samples to the voice authentication system. The voice authentication system compares the collected voice samples to stored voice samples to determine the identity of the first party. The permission system determines whether the first party is authorized for the call based on the identity of the first party. The permission system generates results based on the determination and transmits the results to the call control function. The call control function then processes the results, and interrupts the call if the first party is not authorized.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The invention is related to the field of communication networks and, inparticular, to voice authentication of a party to a call and providingcall control based on the voice authentication.

2. Statement of the Problem

Telephone service and other associated services may be restricted toselected callers or may be tracked based on a particular caller. Forinstance, long distance calls may be restricted to selected callers, andthe callers need to enter a Personal Identification Number (PIN), anaccess code, etc, to make a long distance call. Also, long distancecalls may be tracked for billing purposes, and the callers need to entera PIN, an access code, etc, associated with the caller that allows thelong distance call to be tracked to that caller. In either case, thecaller enters information thought to be unique to the caller, such asthe PIN, the access code, etc. Unfortunately, this information is notsecure as anyone knowing the PIN or the access code can representthemselves as the proper caller. The forging caller can then accesstelephony services and other services for which they are not authorized.

Another issue is verifying the identity of parties to a call over atelephone network, especially when confidential information is involved.Increased commerce is being conducted over telephone networks, whichtypically involves confidential information such as account numbers,credit card numbers, etc. Current methods of verifying the identity of acaller is to ask the caller for information thought to be unique to thecaller, such as a private code, a mother's maiden name, a PIN, etc.Unfortunately, this information is not secure as anyone knowing theprivate code, the mother's maiden name, or the PIN of the caller canrepresent themselves as an authorized caller.

One solution to the security problems is to verify the identity of acaller based on their voice. Assume that Company X handles accounts formultiple people over the phone. To implement the voice verification,Company X would obtain voice samples from each of the account holdersand store the voice samples in a voice authentication system. The voiceauthentication system includes a database that stores the voice samplesof the account holders. The voice authentication system may convert thevoice samples into voice prints, which are characteristics that areunique to a voice. Assume that a caller subsequently places a call toCompany X to access an account, such as to purchase a product. A callcenter for Company X receives the call and instructs the caller to speakcertain words or phrases. The call center collects voice samples fromthe caller, and transmits the voice samples to the voice authenticationsystem for analysis. The voice authentication system compares thecollected voice samples to stored voice samples to verify the identityof the caller. If the identity of the caller is verified, then Company Xallows the caller access to his/her account. If the identity of thecaller is not verified, then Company X will deny the caller access tothe account.

One problem with the voice authentication process as described above isthat it is an active process. The call center has to instruct the callerto speak words or phrases in order to collect voice samples. This can beinefficient and annoying for the caller. Another problem is that voiceauthentication has not been effectively implemented in communicationnetworks, such as telephone networks, for the purpose of call control inthe communication network.

SUMMARY OF THE INVENTION

The invention solves the above and other related problems using voiceauthentication to provide call control for calls over a communicationnetwork. According to the invention, voice samples of a caller arecollected during the call. The voice samples are then processed todetermine the identity of the caller. If the caller as identified isauthorized for the call, then the call is allowed to continue. If thecaller is not authorized, then the call is interrupted. For instance,the call may be tom down, or redirected to a customer care center,account manager, etc, for subsequent processing, such as investigatingthis apparent attempt to gain fraudulent access to the network or userdata.

The invention advantageously provides a secure way of identifying aparty to a call to effectively implement call restriction and callbarring in the communication network. Voice is an attribute that isdifficult to forge, and provides added security as compared to PINs andaccess codes. The invention also collects the voice samples of thecaller in a passive manner so that the caller is unaware that voiceauthentication is taking place. Callers are therefore not bothered witha prompt from the communication network to speak a particular word orphrase. Callers also do not know when the voice authentication is takingplace, which makes it more difficult to avoid or fool the voiceauthentication process. The invention also allows records to begenerated that indicate who has made unauthorized calls.

In one embodiment of the invention, the communication network includes acall control function, a voice collection system, a voice authenticationsystem, a permission system, and a billing system. Assume that thecommunication network is connecting an active call between a first partyand a second party. The voice collection system collects voice samplesof the first party during the call, and transmits the collected voicesamples to the voice authentication system. The voice authenticationsystem compares the collected voice samples to stored voice samples todetermine the identity of the first party. The first party haspreviously stored voice samples in the voice authentication system. Thevoice authentication system then transmits the identity of the firstparty to the permission system. The permission system determines whetherthe first party is authorized for the call based on the identity of thefirst party. The permission system then generates results based on thedetermination and transmits the results to the call control function.The call control function processes the results. If the first party isauthorized for the call, then the call control function allows the callto continue. If the first party is not authorized for the call, then thecall control function interrupts the call, such as by initiating calltear down or redirecting the call.

The call control function may also generate a call record indicatingthat the call was unauthorized and indicating the identity of the firstparty making the unauthorized call. The call control function may thentransmit the call record to the billing system. The billing systemreceives the call record and generates a bill based on the call recordindicating that an unauthorized call was made and indicating theidentity of the first party making the unauthorized call.

The invention may include other exemplary embodiments described below.

DESCRIPTION OF THE DRAWINGS

The same reference number represents the same element on all drawings.

FIG. 1 illustrates a communication network in an exemplary embodiment ofthe invention.

FIG. 2 is a flow chart illustrating a method of operating thecommunication network of FIG. 1 in an exemplary embodiment of theinvention.

FIG. 3 illustrates another embodiment of the communication network.

FIG. 4 illustrates a voice authentication system for the embodiment ofFIG. 3.

FIG. 5 illustrates a permission system for the embodiment of FIG. 3.

FIG. 6 illustrates another embodiment of the communication network.

FIG. 7 illustrates a voice authentication system for the embodiment ofFIG. 6.

FIG. 8 illustrates a permission system for the embodiment of FIG. 6.

FIG. 9 illustrates another embodiment of the communication network.

FIG. 10 illustrates a voice authentication system for the embodiment ofFIG. 9.

DETAILED DESCRIPTION OF THE INVENTION

FIGS. 1-10 and the following description depict specific exemplaryembodiments of the invention to teach those skilled in the art how tomake and use the invention. For the purpose of teaching inventiveprinciples, some conventional aspects of the invention have beensimplified or omitted. Those skilled in the art will appreciatevariations from these embodiments that fall within the scope of theinvention. Those skilled in the art will appreciate that the featuresdescribed below can be combined in various ways to form multiplevariations of the invention. As a result, the invention is not limitedto the specific embodiments described below, but only by the claims andtheir equivalents.

FIG. 1 illustrates a communication network 100 in an exemplaryembodiment of the invention. Communication network 100 includes a callcontrol function (CCF) 110, a voice collection system 112, a voiceauthentication system 114, a permission system 116, and a billing system118. Call control function 110 is operable to establish, monitor, andtear down or redirect calls. Assume for this embodiment that an activecall is established between a first party 102 and a second party 103,and call control function 110 is monitoring the call. An active callcomprises an established call over which a conversation is taking place.Call control function 110 may be any call control function incommunication network 100. Communication network 100 may include othernetworks, systems, or devices not shown in FIG. 1.

Voice collection system 112 communicates with call control function 110.Voice collection system 112 may comprise a software application runningon the same platform as the call control function 110 or on a differentplatform. Alternatively, voice collection system 112 may comprise astandalone processing system that communicates with call controlfunction 110. Voice authentication system 114 may comprise a processingsystem and one or more databases. The processing system may be comprisedof a single processor or many parallel processors. The databases may beresident on a single computer or server, or may be distributed amongmultiple computers or servers in communication network 100. Permissionsystem 116 may have a similar configuration as the voice authenticationsystem 114. Billing system 118 comprises any system or server thatreceives call records, such as call detail records, and generatescustomer bills based on the call records.

The make-up of communication network 100 can take on any desired form.Communication network 100 may comprise a wireless network, a wirelinenetwork, a circuit-based network, a packet-based network, or any otherdesired network or combination thereof.

FIG. 2 is a flow chart illustrating a method 200 of operatingcommunication network 100 in an exemplary embodiment of the invention.The steps of the flow chart in FIG. 2 are not all inclusive and mayinclude other steps not shown. Also, not all of the steps are necessary,but may be used as desired or preferred.

For the description of method 200, assume that an active call has beenestablished between party 102 and party 103 in FIG. 1. If an active callis established, then spoken conversation in the form of bearercommunications are being exchanged between the parties 102-103. Callcontrol function 110 is monitoring and maintaining the call.

In step 202 of method 200, voice collection system 112 collects voicesamples of one of the parties 102-103 (assume party 102 in thisembodiment) during the call. Voice collection system 112 then transmitsthe collected voice samples to voice authentication system 114. Voicesamples are defined herein as any voice pattern, voice characteristic,or voice print. Voice collection system 112 may work in conjunction withcall control function 110 to collect the voice samples or may work withanother function or system to collect the voice samples. In thisembodiment, voice collection system 112 collects the voice samplespassively during the call. In other words, voice collection system 112copies a portion of the spoken conversation of party 102 to collect thevoice samples. The voice samples are collected without party 102 beingaware of the collection. In other embodiments, voice collection system112 or another system may instruct party 102 to provide voice samples tobe collected.

In step 204, voice authentication system 114 compares the collectedvoice samples to stored voice samples to determine the identity of party102. Voice authentication system 114 has previously stored voice samplesfor party 102 and other parties. The identity may be a name of party 102or some other type of identifier. Voice authentication system 114 mayalso generate an indication as to the level of confidence of theidentity of party 102. For instance, the level of confidence may be apercentage or another type of weighted value. Voice authenticationsystem 114 then transmits the identity of party 102 to permission system116.

In step 206, permission system 116 determines whether party 102 isauthorized for the call based on the identity of party 102. To beauthorized for a call means that the caller is authorized to place acall to a particular telephone number or numbers, the caller isauthorized to place a certain type of call, such as long distance orinternational calls, the caller is authorized to place a call from aparticular call station, etc. The authorization of a caller is based onpermissions stored in permission system 116 for the caller. Permissionsare privileges granted to a party with respect to what data or servicesthat party is allowed to use.

In this embodiment, permission system 116 has previously stored thepermissions for party 102 or for the telephone number used by party 102.In addition to receiving the identity of party 102, permission system116 may receive the originating telephone number for the call and/or thedestination telephone number for the call. In making the determinationwhether party 102 is authorized for the call, permission system 116 mayprocess the identity of party 102, the destination telephone number ofthe call, and stored permissions for party 102. For instance, onepermission for party 102 may be access to long distance service.Permission system 116 would determine whether the destination number isa long distance number, and then determine whether party 102 isauthorized for long distance service. Another permission for party 102may be access to 900 numbers. Permission system 116 would determinewhether the destination number is a 900 number and then determinewhether party 102 is authorized to call 900 numbers.

In step 208, permission system 116 generates results based on thedetermination. The results indicate if party 102 is authorized for thecall. Permission system 116 then transmits the results to call controlfunction 110.

Call control function 110 processes the results. If party 102 isauthorized for the call, then call control function 110 allows the callto continue in step 210. If party 102 is not authorized for the call,then call control function 110 interrupts the call in step 212.Interrupting the call may mean initiating call tear down, redirectingthe call, or any other type of interrupt.

Method 200 may be performed immediately after the call is establishedand conversation has begun between party 102 and party 103 to verifythat party 102 is authorized for the call. By performing method 200immediately, an unauthorized party can be identified early in the calland the call can be interrupted.

Method 200 may also be periodically performed to ensure that anauthorized party remains on the call. For instance, party 102 mayinitiate the call and begin a conversation with party 103. At some timeduring the call, party 102 may turn the conversation over to anotherparty that is not authorized for the call. If method 200 is periodicallyrun, method 200 would determine that the other party is not authorizedfor the call and would interrupt the call.

Method 200 may also be performed responsive to a control signal from asource. For instance, if a party is suspected of making unauthorizedcalls, method 200 can be performed upon request to stop the unauthorizeduse.

Along with interrupting the call, call control function 110 may performother functions. Call control function 110 may play an announcement toparty 102 and/or party 103 indicating that the call is being interruptedand possibly a reason why the call is being interrupted. Call controlfunction 110 may generate a call record indicating that the call wasunauthorized and indicating the identity of party 102 making theunauthorized call. Call control function 110 may then transmit the callrecord to billing system 118. Billing system 118 receives the callrecord and generates a bill based on the call record indicating that anunauthorized call was made and indicating the identity of party 102making the unauthorized call. Thus, a record is made of unauthorizedcalls and the culprits of such calls.

Communication network 100 advantageously provides for a secure way ofidentifying party 102 to effectively implement call restriction and callbarring. Communication network 100 collects the voice samples of party102 in a passive manner so that party 102 is unaware that voiceauthentication is taking place. Party 102 is therefore not bothered witha prompt from communication network 100 to speak a particular word orphrase. Communication network 100 also allows records to be generatedthat indicate if party 102 has made unauthorized calls.

FIGS. 3-10 illustrate examples of operating communication network 100 inexemplary embodiments of the invention.

EXAMPLE 1

In this example, voice authentication is used for call control incommunication network 100 to restrict calls. FIG. 3 illustratescommunication network 100 connecting a call between a calling party 302and a called party 303. Calling party 302 is at the Smith residence 301and may be Dad, Mom, or Junior. Calling party 302 has the telephonenumber of (303) 555-9999. Called party 303 has the telephone number of(900) 555-0000.

As in FIG. 1, communication network 100 includes call control function(CCF) 110, voice collection system 112, voice authentication system 114,permission system 116, and billing system 118. Call control function 110in this embodiment is an originating call control function 110 for thecall, such as a call control function in an originating switch, in anoriginating Mobile Switching Center (MSC), or in some other originatingnode for communication network 100. Communication network 100 furtherincludes a terminating call control function 308. Communication network100 may include other networks, systems, or devices not shown in FIG. 3.

FIG. 4 illustrates one embodiment of voice authentication system 114.Voice authentication system 114 comprises a processing system 402coupled to a database 404. Processing system 402 may be comprised of asingle processor or multiple parallel processors. Database 404 may beresident on a single computer or server, or may be distributed amongmultiple computers or servers in communication network 100. Database 404is pre-programmed with and stores voice samples for multiple users. Oneof the entries in database 404 is an entry for the voice samples (orvoice prints) associated with the telephone number (303) 555-9999, whichis the number for the Smith residence 301. There is a voice sample foreach of Dad, Mom, and Junior that were pre-recorded at some point.

FIG. 5 illustrates one embodiment of permission system 116. Permissionsystem 116 comprises a processing system 502 and a database 504.Processing system 502 and database 504 could be the same processingsystem 402 and database 404 as in voice authentication system 114, orthey may be separate systems. Database 504 is pre-programmed with andstores permissions for multiple users. One of the entries in database504 is an entry for the permissions associated with the telephone number(303) 555-9999, which is the number for the Smith residence 301. Thereare permissions defined for each of Dad, Mom, and Junior. Permissionsmay be based on categories or types of calls, destination telephonenumbers, or any other information. For instance, one permission is fortelephone number (900) 555-0000, where Dad and Mom are authorized toplace calls and Junior is not. Another permission is for the category ofinternational calls, where Dad and Mom are authorized to place calls andJunior is not. Another permission is for the category of long distancecalls, where Dad and Mom are authorized to place calls and Junior isnot. Another permission is the telephone number for Grandma, where Dad,Mom, and Junior are authorized to place calls. This entry for telephonenumber (303) 555-9999 may include many other permissions not shown inFIG. 5.

When in operation in FIG. 3, calling party 302 dials the number forcalled party 303. The call is established between calling party 302 andcalled party 303 over communication network 100 through originating callcontrol function 110 and terminating call control function 308. With thecall established, spoken words in the form of bearer communications arebeing exchanged between the parties 302-303. Voice collection system 112passively collects voice samples of calling party 302 during the call.Voice collection system 112 transmits the collected voice samples tovoice authentication system 114.

Processing system 402 in voice authentication system 114 receives thecollected voice samples (see FIG. 4). Processing system 402 alsoreceives the telephone number of calling party 302, which is (303)555-9999. Processing system 402 looks up the entry for the telephonenumber of calling party 302 in database 404. The entry for the telephonenumber of calling party 302 includes voice samples for each of Dad, Mom,and Junior. Processing system 402 compares the collected voice samplesfrom the call to the voice samples of Dad, Mom, and Junior stored indatabase 404 to determine the identity of calling party 302. Processingsystem 402 then transmits the identity of calling party 302 topermission system 116.

Processing system 502 in permission system 116 receives the identity ofcalling party 302 (see FIG. 5). Processing system 502 also receives thetelephone number dialed by calling party 302, which is (900) 555-0000,and the telephone number of calling party 302, which is (303) 555-9999.Processing system 502 looks up the entry for the permissions for thetelephone number of calling party 302 in database 504. Based on theidentity of calling party 302 and the telephone number dialed by callingparty 302, processing system 502 determines whether calling party 302 isauthorized for the call. For instance, if calling party 302 isidentified as Junior, then processing system 502 would determine thatcalling party 302 is not authorized for the current call to (900)555-0000. If calling party 302 is identified as Dad or Mom, thenprocessing system 502 would determine that calling party 302 isauthorized for the current call. Processing system 502 generates resultsindicating whether calling party 302 is authorized for the call.Processing system 502 then transmits the results to call controlfunction 110.

Call control function 110 processes the results. If calling party 302 isauthorized for the call, then call control function 110 allows the callto continue. If calling party 302 is not authorized for the call, thencall control function 110 interrupts the call. Call control function 110also plays an announcement to calling party 302 and called party 303indicating that the call is being interrupted. The announcement may alsoindicate a reason why the call is being interrupted.

Call control function 110 also generates a call record indicating thatthe call was unauthorized and indicating the identity of calling party302 making the unauthorized call. Assume that calling party 302 isJunior. Call control function 110 generates a call record indicating,among other things, that an unauthorized call was placed by Junior to(900) 555-0000 and the call was interrupted. Call control function 110then transmits the call record to billing system 118. Billing system 118receives the call record and generates a bill indicating, among otherthings, that an unauthorized call was placed by Junior to (900)555-0000. The people at the Smith residence 301 may then see in theirbill who has made unauthorized calls.

EXAMPLE 2

In this example, voice authentication is used for call control incommunication network 100 to restrict calls. FIG. 6 illustratescommunication network 100 connecting a call between a calling party 602(through PBX 605) and a called party 603. Calling party 602 is atCompany Z 601 and may comprise an engineer, an attorney, an accountant,or any other employee of Company Z 601. Calling party 602 has placed thecall from telephone number of (303) 555-8000 inside Company Z 601.Company Z 601 may have many other telephone numbers such as (303)555-8000 through (303) 555-8009. Called party 603 has the telephonenumber of (703) 555-1000.

As in FIG. 1, communication network 100 includes call control function(CCF) 110, voice collection system 112, voice authentication system 114,permission system 116, and billing system 118. Call control function 110in this embodiment is an originating call control function 110 for thecall, such as a call control function in an originating switch, in anoriginating MSC, or in some other originating node for communicationnetwork 100. Communication network 100 further comprises a terminatingcall control function 608. Communication network 100 may include othernetworks, systems, or devices not shown in FIG. 6.

Voice authentication system 114, as shown in FIG. 7, has a similarconfiguration as shown in FIG. 4. Voice authentication system 114includes processing system 402 and database 404. Database 404 ispre-programmed with and stores voice samples for employees of Company Z601. The voice samples for the employees for Company Z 601 werepre-recorded at some point.

Permission system 116, as shown in FIG. 8, has a similar configurationas shown in FIG. 5. Permission system 116 comprises processing system502 and database 504. One of the entries in database 504 is an entry forthe permissions associated with the employees of Company Z 601. Thereare permissions defined for each employee. For instance, one permissionis for the category of international calls. Another permission is forthe category of long distance calls. Another permission is for telephonenumbers from which certain employees may not make calls (such asunsecure locations).

When in operation in FIG. 6, calling party 602 dials the number forcalled party 603. The call is established between calling party 602 andcalled party 603 over communication network 100 through originating callcontrol function 110 and terminating call control function 608. With thecall established, spoken words in the form of bearer communications arebeing exchanged between the parties 602-603. Voice collection system 112passively collects voice samples of calling party 602 during the call.Voice collection system 112 then transmits the collected voice samplesto voice authentication system 114.

Processing system 402 in voice authentication system 114 receives thecollected voice samples (see FIG. 7). Processing system 402 alsoreceives the telephone number of calling party 602, which is (303)555-8000. Processing system 402 looks up the entry for the telephonenumber of calling party 602 in database 404. The entry for the telephonenumber of calling party 602 includes voice samples for each of theemployees of Company Z 601. Processing system 402 compares the collectedvoice samples from the call to the voice samples of the employees storedin database 404 to determine the identity of calling party 602.Processing system 402 then transmits the identity of calling party 602to permission system 116.

Processing system 502 in permission system 116 receives the identity ofcalling party 302 (see FIG. 8). Processing system 502 also receives thetelephone number dialed by calling party 602, which is (703) 555-1000,and the telephone number of calling party 602, which is (303) 555-8000.Processing system 502 looks up the entry for the permissions for thetelephone number of calling party 602 in database 504. Based on theidentity of calling party 602 and the telephone number dialed by callingparty 602, processing system 502 determines whether calling party 602 isauthorized for the call. In this instance, the determination is whethercalling party 602 is authorized to place the call to this particulardestination. For instance, if calling party 602 is identified asEmployee 1 and the telephone number called was a long distance call,then processing system 502 would determine that calling party 602 is notauthorized for the current call. If calling party 602 is identified asEmployee 4 and the telephone number called was a long distance call,then processing system 502 would determine that calling party 602 isauthorized for the current call.

Processing system 502 also determines whether calling party 602, asidentified above, is authorized to place the call from a particular callstation or particular telephone number in Company Z 601. Calling party602 called from a call station having the telephone number (303)555-8000. Therefore, processing system 502 determines whether callingparty 602 is authorized to place a call from (303) 555-8000. If callingparty 602 is identified as Employee 2, then processing system 502 woulddetermine that calling party 602 is not authorized to place a call fromthis call station. If calling party 602 is identified as Employee 3,then processing system 502 would determine that calling party 602 isauthorized to place a call from this call station.

Processing system 502 generates results based on the abovedeterminations whether calling party 602 is authorized for the call.Processing system 502 transmits the results to call control function110.

Call control function 110 processes the results. If calling party 602 isauthorized for the call, then call control function 110 allows the callto continue. If calling party 602 is not authorized for the call, thencall control function 110 interrupts the call. Call control function 110also plays an announcement to calling party 602 and called party 604indicating that the call is being interrupted. The announcement may alsoindicate a reason why the call is being interrupted.

Call control function 110 also generates a call record for the call. Ifthe call was interrupted, then the call record indicates that the callwas unauthorized and indicates the identity of calling party 602 makingthe unauthorized call. If the call was not interrupted, then the callrecord indicates the identity of calling party 602 to allow for trackingof calls within Company Z 601. Call control function 110 then transmitsthe call record to billing system 118. Billing system 118 receives thecall record and generates a bill. The bill will indicate which employeesmade what calls from what call stations. The bill will also indicate ifan employee has made unauthorized calls.

EXAMPLE 3

In this example, voice authentication is used to verify the identity ofa calling party to a called party. FIG. 9 illustrates communicationnetwork 100 connecting a call between a calling party 902 and a calledparty 903. As in FIG. 1, communication network 100 includes call controlfunction (CCF) 110, voice collection system 112, and voiceauthentication system 114. Call control function 110 in this embodimentis a terminating call control function 110 for the call, such as a callcontrol function in a terminating switch, in a terminating MSC, or insome other terminating node for communication network 100. Communicationnetwork 100 further comprises an originating call control function 908.Communication network 100 may include other networks, systems, ordevices not shown in FIG. 9.

Voice authentication system 114, as shown in FIG. 10, has a similarconfiguration as shown in FIGS. 4 and 7. Voice authentication system 114includes processing system 402 and database 404. Database 404 ispre-programmed with and stores voice samples for multiple callers thatwere pre-recorded at some point. For instance, one entry is for GeorgeP. Burdell who has previously stored voice samples and his telephonenumber (303) 555-5000. Another entry is for Mary Johnson who haspreviously stored voice samples and her telephone number (303) 555-5010.Another entry is for Bill Jones who has previously stored voice samplesand his telephone number (303) 555-5020.

When in operation in FIG. 9, calling party 902 dials the number forcalled party 903. The call is established between calling party 902 andcalled party 903 over communication network 100 through originating callcontrol function 908 and terminating call control function 110. With thecall established, spoken words in the form of bearer communications arebeing exchanged between the parties 902-903. Voice collection system 112passively collects voice samples of calling party 902 during the call.Voice collection system 112 then transmits the collected voice samplesto voice authentication system 114.

Processing system 402 in voice authentication system 114 receives thecollected voice samples (see FIG. 10). Processing system 402 alsoreceives the telephone number of calling party 902 from voiceauthentication system 114. Processing system 402 looks up the entry forthe telephone number of calling party 602 in database 404. The entry forthe telephone number of calling party 902 includes voice samples forcalling party 902. Processing system 402 then compares the collectedvoice samples from the call to the voice samples stored in database 404to determine the identity of calling party 902. Processing system 402may also generate an indication as to the level of confidence of theidentity of calling party 902. For instance, the level of confidence maybe a percentage or another type of weighted value. Processing system 402then transmits the identity of calling party 902, and possibly the levelof confidence, to called party 903. Called party 903 may thenauthenticate the identity of the calling party 902 based on theinformation provided by voice authentication system 114.

1. A communication network connecting an active call between a firstparty and a second party, the communication network comprising: a voicecollection system that collects voice samples of the first party duringthe call; a voice authentication system that receives the collectedvoice samples from the voice collection system, and compares thecollected voice samples to stored voice samples to determine theidentity of the first party; a permission system that receives theidentity of the first party from the voice authentication system,determines if the first party is authorized for the call based on theidentity of the first party, and generates results based on thedetermination; and a call control function for the call that receivesthe results from the permission system, and interrupts the callresponsive to the results indicating that the first party was notauthorized for the call.
 2. The communication network of claim 1 whereinthe call control function interrupts the call by initiating call teardown.
 3. The communication network of claim 1 wherein the call controlfunction interrupts the call by redirecting the call.
 4. Thecommunication network of claim 1 wherein the call control functionallows the call to continue responsive to the results indicating thatthe first party was authorized for the call.
 5. The communicationnetwork of claim 1 wherein the voice collection system passivelycollects the voice samples of the first party during the call withoutprompting the first party.
 6. The communication network of claim 1wherein the call control function plays an announcement to at least oneof the first party and the second party responsive to interrupting thecall.
 7. The communication network of claim 1 wherein the call controlfunction generates a call record indicating that the call wasunauthorized and indicating the identity of the first party responsiveto the results indicating that the first party was not authorized forthe call.
 8. The communication network of claim 7 further comprising: abilling system that receives the call record from the call controlfunction and generates a bill based on the call record indicating thatthe call was unauthorized and indicating the identity of the firstparty.
 9. The communication network of claim 1 wherein the voiceauthentication system further transmits the identity of the first partyto the second party during the call.
 10. A method of operating acommunication network connecting an active call between a first partyand a second party, the method comprising: collecting voice samples ofthe first party during the call; comparing the collected voice samplesto stored voice samples to determine the identity of the first party;determining if the first party is authorized for the call based on theidentity of the first party; and interrupting the call responsive to adetermination that the first party was not authorized for the call. 11.The method of claim 10 wherein interrupting the call comprisesinitiating call tear down.
 12. The method of claim 10 whereininterrupting the call comprises redirecting the call.
 13. The method ofclaim 10 further comprising: allowing the call to continue responsive toa determination that the first party was authorized for the call. 14.The method of claim 10 wherein collecting voice samples of the firstparty during the call comprises: passively collecting the voice samplesof the first party during the call without prompting the first party.15. The method of claim 10 further comprising: playing an announcementto at least one of the first party and the second party responsive tointerrupting the call.
 16. The method of claim 10 further comprising:generating a call record indicating that the call was unauthorized andindicating the identity of the first party responsive to a determinationthat the first party was not authorized for the call.
 17. The method ofclaim 16 further comprising: generating a bill based on the call recordindicating that the call was unauthorized and indicating the identity ofthe first party.
 18. The method of claim 10 further comprising:transmitting the identity of the first party to the second party duringthe call.
 19. A communication network, comprising: an originating callcontrol function connecting a call to a calling party; a terminatingcall control function connecting the call to a called party; a voicecollection system that passively collects voice samples of the callingparty during the call; a voice authentication system that receives thecollected voice samples from the voice collection system, and comparesthe collected voice samples to stored voice samples to determine theidentity of the calling party; and a permission system that receives theidentity of the calling party from the voice authentication system,determines if the calling party is authorized for the call based on theidentity of the calling party, and generates results based on thedetermination; wherein the originating call control function receivesthe results from the permission system, interrupts the call responsiveto the results indicating that the calling party was not authorized forthe call, and allows the call to continue responsive to the resultsindicating that the calling party was authorized for the call.
 20. Thecommunication network of claim 19 wherein the voice authenticationsystem further transmits the identity of the calling party to the calledparty during the call, and transmits a level of confidence of theidentity of the calling party.